ANY.RUN Exposes a Cyberattack That Uses Images to Deliver Malware
DUBAI, UAE, October 24, 2023 /EINPresswire.com/ -- ANY.RUN, a leading interactive malware analysis platform, has uncovered a sophisticated cyberattack that utilizes images to deliver malware.
Steganographic malware
The technique, known as steganography, allows criminals to conceal malicious code within seemingly innocuous image files, making it difficult for traditional security measures to detect. The use of steganography is particularly concerning as it lets attackers hide malware in plain sight.
Understanding the Attack
The attack begins with a phishing email that contains either a malicious attachment or a link, a common tactic cybercriminals use to trick users into opening or downloading malware.
If the user opens the attachment, a vulnerability in Microsoft Office (CVE-2017-11882) is exploited to download the malicious payload. If the user clicks on the link, they are redirected to a website where they are prompted to download an archive file. This archive file contains a Visual Basic Script (VBS) file with a deceptive filename.
When the user opens the archive and runs the VBS file, it downloads an image file from a remote server. This image file is not what it seems: it contains malicious code hidden within it using steganography. The VBS script then extracts and executes this hidden code, infecting the user's system with malware, including AgentTesla, AsyncRAT, NjRAT, Dtloader, and Remcos. These payloads can perform various malicious actions, such as stealing sensitive information, taking control of the infected system, and downloading additional malware.
About ANY.RUN
ANY.RUN’s interactive malware analysis platform provides a powerful tool for analyzing steganography and other types of attacks. By allowing users to observe malware behavior in a controlled environment through direct interaction, ANY.RUN can effectively expose threats and provide detailed reports on each of them.
Vlada Belousova
ANYRUN FZCO
2027889264
